Home Depot may be latest security breach victim

Home Depot is the latest large retailer to be involved in a massive date breach of consumer's credit and debit cards. (Source: Mike Mozart/Flickr/MGN Online)

(RNN) – The hardware retail store Home Depot may be the latest U.S. security breach victim, where credit and debit card information went for sale on the internet's black cybersecurity market.

Home Depot has not confirmed the data breach, which was first reported Tuesday on the cybersecurity website Krebs on Security.

The report indicates that several banks reported to "suspicious activity" and that it could be “the source of a massive new batch of stolen credit and debit cards.” The information was found on “cybercrime underground” and law enforcement and banks began investigating.

There have been no reports on how many customers or stores have been affected by the breach.

The information was being sold on rescator.cc, an underground online store that reportedly moved two large batches of stolen information on Tuesday.

Krebs on Security confirmed with Home Depot spokeswoman Paula Drake that the company is investigating.

“I can confirm we are looking into some unusual and we are working with our banking partners and law enforcement to investigate,” Drake said in a statement to Krebs.

Drake would not confirm a breach, but said if one is confirmed, Home Depot would “make sure customers are notified immediately.”

“Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible,” Drake said.

In screenshots provided from the rescator.cc website by certified computer forensics and security consultant Blake Engels, batches of the stolen data are filed under the name “American Sanctions.” There are two batches under the "American Sanctions," and there is also a group of data under "European Sanctions." All of the batches are from the same release.

Krebs on Security implies that the possible breach could indicate that the hack was performed by Russian cybercriminals in retaliation to Western action against Russia in its dealings with Ukraine.

Russian hackers were also responsible for the major Target security breach; for Target, 40 million credit and debit cards were breached for nearly 70 million customers.

Krebs also noted that further investigation from banks indicate that the possible hack could have begun as early as late April or early May.

Home Depot, headquartered in Atlanta, was founded in 1978 by Bernie Marcus and Arthur Blank. Home Depot has more than 2,200 stores in North America and is the nation's fifth-largest retailer, according to the National Retail Federation.

Several other restaurants, businesses and stores have been hacked in 2014. Among them are: Target, P.F. Chang's, AT&T, Sally Beauty Supply, the grocer Supervalu, and others.